Which of the following is the BEST approach for encouraging business units to assume their roles and responsibilities in an information security program?
A. Perform a risk assessment.
B. Conduct an awareness program.
C. Conduct a security audit.
D. Develop controls and countermeasures.
A. Perform a risk assessment.
B. Conduct an awareness program.
C. Conduct a security audit.
D. Develop controls and countermeasures.